Cloudflare WAF

Hi,

We are interested in your WAF, but we are not sure how it works. Our goal is that there are different IPs we want to block because they are trying to inject, i.e.:

https://www.domain.com/mydirectory/o.php?p="><script>alert(String.fromCharCode(88%2C83%2C83))%3C/script%3E&g=1&t=UG9zaXRpb246VCBhbmQgQ3xSYW5rOjF8T2ZmZXIxOiZwb3VuZDs1IEJPTlVTfE9mZmVyMjpEZXBvc2l0ICZwb3VuZDswfE9mZmVyMzpQbGF5IHdpdGggJnBvdW5kOzV8UmF0aW5nOjUuMA
https://www.domain.com/p.php?p=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd &g=1&t=UG9zaXRpb246VCBhbmQgQ3xSYW5rOjF8T2ZmZXIxOiZwb3VuZDs1IEJPTlVTfE9mZmVyMjpEZXBvc2l0ICZwb3VuZDswfE9mZmVyMzpQbGF5IHdpdGggJnBvdW5kOzV8UmF0aW5nOjUuMA,,
https://www.domain.com/p.php?q=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd&g=1&t=UG9zaXRpb246VCBhbmQgQ3xSYW5rOjF8T2ZmZXIxOiZwb3VuZDs1IEJPTlVTfE9mZmVyMjpEZXBvc2l0ICZwb3VuZDswfE9mZmVyMzpQbGF5IHdpdGggJnBvdW5kOzV8UmF0aW5nOjUuMA,,

Can the WAF automatically detect injection and block the IP, or are we going to have to set rules (but the problem is there is no pattern)? Our server is getting hammered.

I guess I'm looking for rate limiting. Is that available in Cloudflare for free, or does it need an upgrade?

I don’t think Cloudflare is going to divulge what exactly the WAF will block or not, but you can certainly set up a test domain and try it out.

There’s also Rate Limiting:

I changed the domain name in the examples above to www.cloudflare.com and got a sorry you’ve been blocked page… so I think you’d be covered. :smiley:

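For finding the offending clients in your own access logs, the requests quoted in the question can be matched on their decoded query-string payload rather than on source IP. This is an added example, not code from the thread and not how Cloudflare's WAF works; the log format, the IP addresses and the small signature list are constructed assumptions.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, unquote, urlsplit

# Small illustrative signature set (an assumption, not a real WAF rule set).
SIGNATURES = {
    "path_traversal": re.compile(r"(?:\.\.[/\\]){2,}|/etc/passwd"),
    "script_injection": re.compile(r"<\s*script\b|javascript:", re.I),
}

# Constructed sample log: "<client-ip> <url>", using documentation IP ranges.
SAMPLE_LOG = [
    '203.0.113.7 https://www.domain.com/mydirectory/o.php?p="><script>alert(String.fromCharCode(88%2C83%2C83))%3C/script%3E&g=1',
    "203.0.113.7 https://www.domain.com/p.php?p=..%2F..%2F..%2Fetc%2Fpasswd&g=1",
    "198.51.100.4 https://www.domain.com/p.php?q=..%252F..%252Fetc%252Fpasswd&g=1",
    "192.0.2.10 https://www.domain.com/p.php?p=offers&g=1&t=UG9zaXRpb246VA",
]

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded payloads (%252F) are seen in clear."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(url):
    """Return the sorted signature names matched by any query parameter value."""
    hits = set()
    # parse_qsl decodes once; fully_decode handles any remaining encoding layers.
    for _name, raw in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        value = fully_decode(raw)
        hits.update(label for label, rx in SIGNATURES.items() if rx.search(value))
    return sorted(hits)

def offenders(log_lines, threshold=2):
    """Count flagged requests per client IP; return IPs at or above threshold."""
    counts = Counter()
    for line in log_lines:
        ip, url = line.split(maxsplit=1)
        if classify(url.strip()):
            counts[ip] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    print(offenders(SAMPLE_LOG))
```

The per-IP counts can feed a block list or a rate-limiting decision; the benign request carrying only the base64 `t` parameter is not flagged.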
